Let me get one thing straight right out of the gate: technology is not a compliance panacea. It may afford incredible efficiencies and in certain applications be substantially more accurate and reliable than us mortal humans, but it is not a set-it-and-forget-it prophylactic to all nefarious intentions. After all, technology is designed and built by humans.
All that being said, certain technological solutions can be pretty bleepin’ clutch when it comes to implementing a supervisory compliance program at a registered investment advisor. Below I’ve described a few areas where automated tools, web-based platforms or digital solutions can both increase compliance oversight and decrease a CCO’s blood pressure. The list is certainly not exhaustive, but hopefully it will suggest some easy wins for firms looking to evolve from paper-based, manual processes.
Code of Ethics
Every SEC-registered advisor (and most state-registered advisors) is required to adopt a code of ethics that, in part, calls for reporting and reviewing of personal securities transactions by the advisor’s associated persons. It was not long ago that this entailed receiving duplicate paper copies of trade confirms and account statements, and manually reviewing them for trading or pre-clearance violations. Even at a small firm this task can be laborious if associated persons have multiple accounts.
Now there are several sizable vendors that will receive automated electronic feeds directly from a variety of custodians and flag prohibited transactions, highlight suspicious activity or generate exception reports. Books and records are maintained electronically and an audit trail of all account activity and compliance review is stored within the system itself.
In addition, certain vendors will also tack on the ability to distribute, collect and retain questionnaires, certifications and/or attestations that you may wish to distribute to your associated persons. These can be used to have associated persons certify that they’ve read and understood policies and procedures, verify the contents of their U4 or haven’t received any customer complaints. Perhaps the best feature is automated reminder emails for the stragglers that never seem to get these things in on time. If your firm requires pre-clearance of marketing material or political contributions, e.g., this tool can also be used to create a pre-clearance and approval workflow, which can help extract unneeded communications from already-crowded email inboxes.
Evidence of Review
The old regulatory adage “if it’s not in writing, it never happened” is particularly cautionary for CCOs and compliance personnel. How is a CCO to prove that he or she reviewed or approved something if there is nothing in writing to evidence when and by whom that something was reviewed or approved? Call me crazy but I don’t think the SEC is too keen on taking people at their word.
Back in my paper-based days, I used to physically date-stamp documents and sign my initials, and then scan those documents into our recordkeeping system. Needless. Certain versions of Adobe Acrobat allow you to electronically date stamp and sign PDF documents, or even import your own signature or digital credentials for authentication. Other electronic signature services that are admittedly designed for multiple parties signing contracts (e.g., advisory agreements) can also be used for a single signer to prove that a document was reviewed or approved by a particular person on a particular date.
This is a free and easy means to keep tabs on your firm or your associated persons in the largest public forum of all: the internet. In a nutshell, Google will comb the Web for the search terms you designate, and notify you anytime something new pops up on the Web about your words or phrases of interest. For example, you can input the names of certain associated persons, the name of your firm, investment providers you may work with or material vendors you’ve partnered with… I’d even create an alert for yourself.